[Remote] Product Security Engineer
Note: This is a remote job open to candidates in the USA. StackAI is focused on building trust with enterprises developing AI assistants on their platform, and they are seeking a hands-on Senior Product Security Engineer. The role involves designing and hardening secure architecture, owning security-critical systems, and ensuring security is integrated into the development lifecycle.

Responsibilities
- Own encryption and signing. Take ownership of our KMS, key management, BYOK, envelope encryption, and signing pipeline across both cloud and on-prem deployments, operating, hardening, and evolving them as the platform scales
- Protect the most sensitive customer data. Extend our PHI/PII scrubbing and strengthen the data-protection foundations that regulated enterprises already rely on
- Secure the storage layer. Own encryption at rest and tenant isolation
- Keep security the default in how we ship. Maintain and expand the secure-by-default templates and reference implementations embedded in our SDLC, the ones engineers actually want to adopt
- Threat-model the platform. Lead threat modeling on the seams between systems (the execution engine, connector trust boundaries, and multi-tenant isolation), using modern, AI-assisted threat-modeling tooling
- Raise the bar on tooling. Push our scanning further on coverage, signal, and CI enforcement, so critical findings never reach production
- Be the technical point of contact for security standards. Translate audit, compliance, and incident-response requirements into real implementation in our codebase

Skills
- 4+ years building security-critical systems in production, with significant time spent implementing, not only reviewing or assessing
- Practical depth in cryptography and key management: encryption, KMS, secrets handling, and signing in real systems
- Secure architecture judgment: you can design and reason about secure systems and hold your own as a technical peer with senior engineers
- Multi-tenant SaaS isolation experience, including the data-isolation guarantees regulated customers require
- Strong secure-coding skills in our stack: Python on the backend, TypeScript/Node.js on the product surfaces
- Comfortable wiring security checks and gates into CI/CD so security is enforced automatically in the pipeline
- Cloud and API security fundamentals on GCP, Azure, or AWS
- Securing on-prem, self-hosted, or air-gapped deployments
- Experience in regulated domains (healthcare/PHI, finance, etc.)
- Familiarity with AI/LLM platform security: agent execution, connector trust boundaries, prompt and tool-call risk
- Startup or growth-stage experience

Company Overview
Build and deploy Enterprise-Grade AI Agents. It was founded in 2023, and is headquartered in Cambridge, Massachusetts, USA, with a workforce of 51-200 employees. Its website is https://stack-ai.com.

Company H1B Sponsorship
StackAI has a track record of offering H1B sponsorships, with 4 in 2025. Please note that this does not guarantee sponsorship for this specific role.